I5:FeatureTest-OpenID Provider Support for Phishing-Resistant Authentication

From OSIS Open Source Identity Systems
Jump to: navigation, search

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|FeatureTest-OpenID Provider Support for Phishing-Resistant Authentication}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider Support for Phishing-Resistant Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=FeatureTest,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=FeatureTest,title={{#var:page}},namespace=I5|as XML]]  edit
}}
{{#if:|Feature Test |Feature Test }}   OpenID Provider Support for Phishing-Resistant Authentication
Test Type   bgcolor={{{color}}}}}|PAPE Support
Identifier   bgcolor={{{color}}}}}|FTR-op-pape-1  
Description   bgcolor={{{color}}}}}|Tests OpenID Provider's support for satisfying PAPE Phishing-Resistant Authentication  
Role tested   bgcolor={{{color}}}}}|OpenID Identity Provider  
Known Successful Reference Solution(s)   bgcolor={{{color}}}}}|{{ #if: SignOn.com |
I5:SignOn.com}}{{ #if: |
[[I5:]]}} {{ #if: |
}} {{ #if: |
}}  
Success Criteria   bgcolor={{{color}}}}}|Correct PAPE response provided when phishing-resistant authentication method used  
Failure Criteria   bgcolor={{{color}}}}}|No or incorect PAPE response provided, failure, or exception  

Features Proven

{{#dpl:debug=1

 |resultsheader=\n
 |noresultsheader= {|\n|bgcolor=#eeeeee|No matching Feature found.\n|}\n
 |category=Feature
 |namespace=I5
 |linksto=I5:FeatureTest-OpenID Provider Support for Phishing-Resistant Authentication
 |nottitlematch = Feature.edit
 |include={Feature}.viewfromtest
 |includematch=/FeatureTest-OpenID Provider Support for Phishing-Resistant Authentication/s
 |table=class=sortable,-,Feature,feature_type,solution_role

}}

Instructions

  1. Open the result page for your solution and for this test.
  2. Visit the I5:JanRain Python sample relying party.
  3. Check the box next to the phishing-resistant URL.
  4. Enter your OpenID and submit it.
  5. Sign into your OpenID provider using a phishing-resistant authentication method.
  6. Verify that the relying party is displaying "An authentication policy response contained these policies: http://schemas.openid.net/pape/policies/2007/06/phishing-resistant".
  7. Set outcome:
    1. If the success criteria was met, set the outcome to "Works".
    2. If the test failed, set the outcome to "Failed" and enter information about the failure in the Notes section.
    3. If other issues occurred set the result to "Issues" and describe them in the Notes section.
  8. Add either four tilde ~~~~ signs or a text name into the "Tested by" parameter.
  9. Update the Date Tested, Browser, and Operating System lines of the results page.